Skills
skills/tddworks/asc-cli-skills/asc-users

asc-users

SKILL.md

Team Members & Invitations with asc

Manage your App Store Connect team: list members, assign roles, revoke access, and control pending invitations. Built for directory integration and automated access workflows.

Authentication

asc auth login --key-id <id> --issuer-id <id> --private-key-path ~/.asc/AuthKey.p8

CAEOAS — Affordances Guide Next Steps

Every JSON response includes "affordances" — ready-to-run commands with IDs pre-filled:

TeamMember affordances:

{
  "id": "u-abc123",
  "username": "jdoe@example.com",
  "roles": ["DEVELOPER", "APP_MANAGER"],
  "affordances": {
    "remove":      "asc users remove --user-id u-abc123",
    "updateRoles": "asc users update --user-id u-abc123 --role DEVELOPER --role APP_MANAGER"
  }
}

UserInvitationRecord affordances:

{
  "id": "inv-xyz789",
  "email": "new@example.com",
  "roles": ["DEVELOPER"],
  "affordances": {
    "cancel": "asc user-invitations cancel --invitation-id inv-xyz789"
  }
}

Available Roles

Use uppercase values with --role:

ADMIN · FINANCE · ACCOUNT_HOLDER · SALES · MARKETING · APP_MANAGER · DEVELOPER · ACCESS_TO_REPORTS · CUSTOMER_SUPPORT · CREATE_APPS · CLOUD_MANAGED_DEVELOPER_ID · CLOUD_MANAGED_APP_DISTRIBUTION · GENERATE_INDIVIDUAL_KEYS

Typical Workflows

Offboard a departing employee

DEPARTED_EMAIL="former@example.com"

# Check for an active team member
USER_ID=$(asc users list | jq -r --arg e "$DEPARTED_EMAIL" \
  '.data[] | select(.username == $e) | .id')

if [ -n "$USER_ID" ]; then
  asc users remove --user-id "$USER_ID"
  echo "Access revoked."
else
  # Check for a pending invitation that hasn't been accepted yet
  INV_ID=$(asc user-invitations list | jq -r --arg e "$DEPARTED_EMAIL" \
    '.data[] | select(.email == $e) | .id')
  [ -n "$INV_ID" ] && asc user-invitations cancel --invitation-id "$INV_ID"
fi

Onboard a new developer

asc user-invitations invite \
  --email new-hire@example.com \
  --first-name Alex \
  --last-name Smith \
  --role DEVELOPER

Promote a developer to App Manager

# Get the user's ID first
USER_ID=$(asc users list | jq -r '.data[] | select(.username == "dev@example.com") | .id')

# Update replaces all roles — include every role you want them to keep
asc users update --user-id "$USER_ID" --role APP_MANAGER --role DEVELOPER

Audit: list all admins

asc users list --role ADMIN --output table

Output Flags

--pretty          # Pretty-print JSON
--output table    # Aligned table
--output markdown # Markdown table

Full Command Reference

See commands.md for all flags, filters, and examples.

Weekly Installs
5
Repository
tddworks/asc-cli-skills
First Seen
4 days ago
Security Audits
Gen Agent Trust HubFail
SocketPass
SnykPass
Installed on
opencode5
gemini-cli5
github-copilot5
amp5
cline5
codex5